Trick or Treat: Spotting the Difference Between Spoofed or Real Emails

October 25th, 2021 by admin

Closeup of hands typing on a laptop, with Halloween paraphernalia scattered around the laptop

A frightening three billion spoofing messages are sent daily, representing 1% of total email traffic. A spoofed email is a fake email that looks like it’s from a trusted source but isn’t. It typically includes links to malicious websites that can steal your personal information or infect your computer with malware. To make matters worse, spoofed emails are difficult to detect and offer a false sense of trustworthiness. The damages caused by this type of attack are spooky, so it’s best to be prepared. This article will discuss the top 5 things to watch for in illegitimate or spoofed emails.

1. Confirm the URL of the email

Look closer at the sender than just the name. Although the name on the email may say, John Doe, CEO, the email URL may actually be from If your CEO is sending you an email, likely, it shouldn’t come from a domain like So, watch for domains that aren’t from a company address. Even scarier, sometimes the hackers make the domains look realistic by using slight misspellings or other minor errors that are easy to miss.

2. Look closer at the header

Pay attention to other areas of the email header, such as the ‘Reply-To’ and ‘Return-Path’. The 'Reply-To' header is usually concealed from the receiver when they get the message and frequently missed while replying. If the reply-to address does not match the sender or the site, it's likely faked. The 'Return-Path.' tells you where the message came from. While forging the Return-Path in a message header is doable, it is rare.

3. Check out the email’s content

The content of the email can tell you a lot about it. First and foremost, check out the grammar for any misspellings or improper usage. Frequently, there are typos in a spoofed message. Check if your name or the sender's name is spelled correctly in the message. Does the message reflect the sender’s usual tone, and does the message have the standard company branding? Is there a sense of urgency in the message? All of these are tell-tale signs of a spoofed message.

4. Tread carefully with links

Links should be looked at carefully in any email. A link is suspicious if the destination address does not fit the email's context. Unfortunately, both genuine and fraudulent emails often conceal the destination URL in a button, making it difficult to follow the link. However, it's relatively easy to check where the button or concealed link takes you. Just hover over the button with your mouse until a popup shows up with the address. On a mobile device, press down on the link until the same popup shows up.

5. Watch out for suspicious attachments

Always be cautious of attachments, as they may be infected. An infected attachment is a seemingly harmless document. However, once clicked, it installs malware on the device. Don't open an attachment unless you are certain the communication is genuine. Even so, you should scan the attachment for anything suspicious. If you get a popup warning regarding the file's authenticity or the program asks you to change your settings, don't. Instead, contact the sender and ask them to confirm it's genuine.

Staying proactive

The best way to not get tricked is to be informed. Staying up to date and training employees on identifying the latest cyberattacks, such as phishing, will help stop attackers in their tracks. When in doubt, reach out to the sender by another medium and confirm if they sent the email. Being prepared can potentially save a business from the horrors of a successful cyber-attack.

At Equinox IT Services we understand the problems and security issues that plague businesses and their employees. Our professional IT services will ensure your network remains secure and protected from the many cyber threats that exist. For more information please visit our website and contact us us to see how we can assist your IT needs.

Posted in: Protection, Security, Tech Tips